GitHub Archives - Securezoo

Bad actors can abuse GitHub Codespaces feature to deliver malware

Authentication, Source Code Security / Frank Crast / January 17, 2023 / Codespaces, GitHub

Researchers from Trend Micro have discovered a way for bad actors to abuse a GitHub Codespaces feature to deliver malware.

Bad actors can abuse GitHub Codespaces feature to deliver malware Read More »

NotLegit: 4-year old Microsoft Azure App Service 0-day vulnerability affects source code repositories

Application Security, Cybersecurity Attacks, Vulnerabilities & Exploits / Frank Crast / December 29, 2021 / 0-day, App Service, Azure, GitHub, IIS, Local Git, Microsoft, Node, PHP, Python, Ruby, Windows

A four-year old Microsoft Azure App Service 0-day vulnerability dubbed “NotLegit” affects hundreds of source code repositories.

NotLegit: 4-year old Microsoft Azure App Service 0-day vulnerability affects source code repositories Read More »

Researchers discover Critical RCE 0-day “Log4Shell” vulnerability (CVE-2021-44228) in Apache Log4j logging utility (update)

Application Security, Security Updates & Patches, System Hardening, Third-Party Security, Vulnerabilities & Exploits / Frank Crast / December 15, 2021 / Apache, CVE-2021-44228, GitHub, LDAP, Log4j, log4Shell

Researchers have discovered a Critical 0-day vulnerability (CVE-2021-44228) in Apache Log4j logging utility that can result in remote code execution (RCE). In addition, CISA and Microsoft also issue new guidance for log4j vulnerability remediation.

Researchers discover Critical RCE 0-day “Log4Shell” vulnerability (CVE-2021-44228) in Apache Log4j logging utility (update) Read More »

GitHub fixes 2 npm registry vulnerabilities

Application Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / November 20, 2021 / 2FA, GitHub, JavaScript, NPM, registry

GitHub has fixed two node package manager (npm) registry vulnerabilities, one of those could allow an attacker to publish new versions of an npm package without proper authorization.

GitHub fixes 2 npm registry vulnerabilities Read More »

New Proof of Concept tool demos BrakTooth vulnerability exploits

Network Security, Vulnerabilities & Exploits / Frank Crast / November 8, 2021 / bluetooth, BrakTooth, GitHub, POC

Security researchers have released a new Proof of Concept (PoC) tool that demonstrates BrakTooth vulnerability exploits against Bluetooth-enabled devices.

New Proof of Concept tool demos BrakTooth vulnerability exploits Read More »

Microsoft issues workaround for zero-day ‘SeriousSAM’ vulnerability

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / July 26, 2021 / ACL, CVE-2021–36934, GitHub, HiveNightmare, SAM, SeriousSAM

Microsoft has issued a workaround for a serious zero-day vulnerability CVE-2021–36934 dubbed “SeriousSAM” that could allow an attacker to read any registry hives as a non-administrator.

Microsoft issues workaround for zero-day ‘SeriousSAM’ vulnerability Read More »

Microsoft open sources CodeQL queries to scan for Solarwinds-like Solorigate activity

Application Security, Cybersecurity Attacks, Data Breach / Frank Crast / February 26, 2021 / AppSec, CodeQL, GitHub, IOC, Microsoft, Open Source, Solarigate, SolarWinds, Source Code, Supply Chain

Microsoft has open sourced CodeQL queries used to scan for Solorigate malware activity that matches the SolarWinds supply-chain attack.

Microsoft open sources CodeQL queries to scan for Solarwinds-like Solorigate activity Read More »

Drupal patches Critical third-party library vulnerability (CVE-2020-36193)

Application Security, Security Updates & Patches, Third-Party Security, Vulnerabilities & Exploits / Frank Crast / January 23, 2021 / Archive_Tar, CVE-2020-36193, Drupal, GitHub, third party

Drupal has patched a Critical third-party library vulnerability (CVE-2020-36193) that affects multiple versions of Drupal Core.

Drupal patches Critical third-party library vulnerability (CVE-2020-36193) Read More »

GADOLINIUM threat actors use cloud services and open source tools in cyberattacks

Cloud Security, Cybersecurity Articles, Cybersecurity Attacks, Malware / Frank Crast / October 2, 2020 / C2, COVID-19, GADOLINIUM, GitHub, KRYPTON, Microsoft, PowerSHell, ZINC

Security experts from Microsoft have observed a cyber threat actor dubbed GADOLINIUM that uses new attack techniques via cloud services and open source tools.

GADOLINIUM threat actors use cloud services and open source tools in cyberattacks Read More »

XCSSET mac malware targets Xcode projects to deliver malicious payloads

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / Frank Crast / August 17, 2020 / Apple, Data Vault, GitHub, macOS, malware, Xcode, XCSSET

Security researchers have discovered a new mac malware dubbed XCSSET. The malware not only inserts malicious code into XCode projects, but also leverages two zero-days to exploit a flaw in Data Vaults and plant a JavaScript backdoor in Safari.

XCSSET mac malware targets Xcode projects to deliver malicious payloads Read More »